http fail over with srv records

Chris Buxton cbuxton at menandmice.com
Thu Jan 10 21:24:13 UTC 2008


Your basic problem here is that it's up to the web browser to do the  
right thing, and nearly all of them don't. I believe there might be  
one or two (Opera?) that do, but the major browsers (IE, Firefox, and  
Safari) do not.

As a side note, if browsers did support SRV records, you would want  
another RRSet named _http._tcp.www, to cover the case when users enter  
"www.cska.dom" into their browsers.

Since a purely DNS-based solution won't work, you might consider  
something at the HTTP level, or you might want to consider finding a  
way to force your DNS records to react to an outage. For example:

- I believe F5 makes some appliances...

- You could have a process watching your web servers and using dynamic  
update to change the A record when needed. I believe there are canned  
solutions for this as well.

- You could put a hidden master name server on each web server, and  
configure your publicized DNS servers as slaves, with the backup  
master listed second. Add "multimaster true;" to each slave zone  
statement, if I recall the syntax correctly. Then if web server A goes  
down (the whole machine, or its connection to the Internet), the DNS  
servers would switch over to server B and its different data. Use a  
short refresh interval to make this more responsive. Note that if the  
web server process fails, but the server machine is still up, you're  
out of luck here.

In general, this is a tough issue to solve. It would be very nice if  
the browsers supported SRV records, because then we could stop playing  
all these games, but unfortunately they do not.

Chris Buxton
Professional Services
Men & Mice
Address: Noatun 17, IS-105, Reykjavik, Iceland
Phone:   +354 412 1500
Email:   cbuxton at menandmice.com
www.menandmice.com

Men & Mice
We bring control and flexibility to network management

This e-mail and its attachments may contain confidential and  
privileged information only intended for the person or entity to which  
it is addressed. If the reader of this message is not the intended  
recipient, you are hereby notified that any retention, dissemination,  
distribution or copy of this e-mail is strictly prohibited. If you  
have received this e-mail in error, please notify us immediately by  
reply e-mail and immediately delete this message and all its attachment.



On Jan 10, 2008, at 11:35 AM, Radi Tzvetkov wrote:

> Trying to set a simple fail over when site A is active and site B is
> standby. When A fails all traffic goes to B. Should be pretty easy
> with SRV records but my experimental BIND server does not deliver the
> expected result. Also i am not sure if these records are implemented
> in IE7 or Firefox.
> Aslo any suggestions on how to support multiple grographically  
> dispersed web
> servers are welcome.
>
> Here is the zone file:
>
> $TTL 86400
>
> @       IN      SOA     ns1.cska.dom.      dnsadmin.cska.dom. (
>                      5        ; serial number YYMMDDNN
>                       28800           ; Refresh
>                       7200            ; Retry
>                       864000          ; Expire
>                       86400           ; Min TTL
>                       )
>
>               NS      ns1.cska.dom .
>               NS      ns2.cska.dom.
>
>               MX      10 mail.cska.dom.
>
>
>
> _http._tcp.cska.dom. SRV   10 1 80      host1.cska.dom.
> _http._tcp.cska.dom. SRV   20 0 80      host2.cska.dom.
>
> cska.dom.               A     10.1.1.13
> host1.cska.dom.         A     64.233.167.99
> host2.cska.dom.         A     10.1.9.1
>
>
> ns1.cska.dom.           A       10.1.9.1
> ns2.cska.dom.           A       10.1.9.1
> mail.cska.dom.          A       10.1.9.1
>
> ; NO other services are supported
>     *._tcp          SRV  0 0 0 .
>     *._udp          SRV  0 0 0 .
>
>
> $ORIGIN cska.dom.
>
>
>



More information about the bind-users mailing list